package com.chenziruo.securitydemo.controller;

import com.chenziruo.securitydemo.entity.User;
import com.chenziruo.securitydemo.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("user")
public class UserController {

    @Autowired
    public UserService userService;

    @GetMapping("/list")
    @PreAuthorize("hasRole('ADMINISTRATOR') and authentication.name == 'admim'" )
    public List<User> getList(){
        return userService.list();
    }

    @PostMapping("/add")
    @ResponseBody
    public  String add(@RequestParam("username") String username,
                       @RequestParam("password") String password){
        User user = new User();
        user.setUsername(username);
        user.setPassword(password);
        userService.saveUserDetails(user);
        return "success";
    }
}